Privacy Policy

1. Introduction

Bolutions Ltd ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI chatbot services, business automation solutions, and related platforms. This policy applies to all our services including but not limited to AI assistants, WhatsApp Business integrations, website chatbots, and custom business automation solutions.

2. Information We Collect

2.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, company name, job title
• Business Information: Company details, industry, business requirements, custom AI assistant specifications
• Communication Data: Messages, queries, conversations, and interactions with our AI chatbot services
• Account Information: Login credentials, preferences, settings, and subscription details
• Payment Information: Billing address, payment method details (processed securely through third-party providers)

2.2 Information Collected Automatically

• Technical Data: IP address, browser type and version, device information, operating system
• Usage Data: Pages visited, time spent, click patterns, feature usage, conversation analytics
• Integration Data: Data from platforms where our AI assistants are deployed (websites, WhatsApp, other messaging platforms)
• Performance Data: AI response accuracy, conversation flow metrics, system performance data
• Cookies and Tracking: Session cookies, analytics cookies, preference cookies

2.3 Information from Third Parties

• Platform Integration Data: Information from WhatsApp Business API, website platforms, CRM systems
• Business Verification: Company verification data from business directories and verification services
• AI Model Data: Anonymized conversation data used to improve AI models (with your consent)

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: Deliver AI chatbot services, process conversations, provide intelligent responses
• Customization: Develop and customize AI assistants according to your business needs and specifications
• Customer Support: Respond to inquiries, provide technical support, troubleshoot issues
• Service Improvement: Analyze usage patterns, improve AI models, enhance conversation accuracy
• Communication: Send service updates, maintenance notifications, marketing communications (with consent)
• Billing and Payments: Process payments, manage subscriptions, send invoices
• Legal Compliance: Comply with legal obligations, protect our rights, prevent fraud
• Analytics and Research: Understand user behavior, improve services, develop new features

4. Legal Basis for Processing (GDPR Compliance)

Under the General Data Protection Regulation (GDPR), we process your personal data based on:

• Contract Performance: Processing necessary to provide our AI services
• Legitimate Interest: Improving our services, preventing fraud, marketing to existing customers
• Consent: Marketing communications, cookies, optional data processing
• Legal Obligation: Compliance with laws, tax requirements, legal proceedings

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information only in these circumstances:

5.1 Service Providers and Partners

• AI Technology Partners: OpenAI (for AI models like ChatGPT-4o-mini), other AI service providers
• Communication Platforms: Meta/Facebook (for WhatsApp Business API), other messaging platforms
• Infrastructure Providers: Cloud hosting services, content delivery networks, security services
• Payment Processors: Secure payment gateway providers, billing services
• Analytics Services: Website analytics, conversation analytics, performance monitoring

5.2 Legal and Business Requirements

• Legal Compliance: When required by law, court orders, regulatory requirements
• Rights Protection: To protect our rights, property, or safety, or that of our users
• Business Transfers: In connection with mergers, acquisitions, or sale of business assets
• Fraud Prevention: To investigate, prevent, or take action regarding fraud or illegal activities

6. Platform-Specific Privacy Practices

6.1 WhatsApp Business Integration

• Conversations are processed through WhatsApp Business API in compliance with Meta's policies
• Messages are automatically saved and analyzed for AI improvement
• Your WhatsApp data is handled according to Meta's privacy standards
• We follow WhatsApp Business Policy and Terms of Service

6.2 Website Integration

• AI assistants embedded on websites collect visitor interaction data
• Conversation data is used to improve chatbot responses
• Website owners have access to conversation analytics
• Integration complies with website privacy policies

6.3 AI Model Processing

• Conversations may be processed by third-party AI services (OpenAI, etc.)
• Data is anonymized where possible before processing
• AI providers have their own privacy policies governing data use
• You can opt-out of data sharing for AI improvement

7. Data Security

We implement comprehensive security measures to protect your information:

• Encryption: All data in transit and at rest is encrypted using industry-standard protocols
• Access Controls: Strict access controls and authentication requirements for our systems
• Regular Audits: Regular security assessments and vulnerability testing
• Employee Training: Regular privacy and security training for all staff
• Incident Response: Comprehensive incident response plan for potential breaches
• Secure Infrastructure: Use of secure cloud services with enterprise-grade security

8. Data Retention

We retain your information for different periods depending on the type of data and purpose:

• Conversation Data: Stored for the duration of your subscription plus 12 months for analysis
• Account Information: Retained while your account is active plus 7 years for legal compliance
• Payment Data: Retained for 7 years for tax and accounting purposes
• Marketing Data: Until you unsubscribe or withdraw consent
• Legal Compliance Data: As required by applicable laws and regulations

9. Your Rights and Choices

Under applicable privacy laws (including GDPR and CCPA), you have the following rights:

9.1 Access and Portability

• Right to access your personal information
• Right to receive a copy of your data in a portable format
• Right to know what personal information we have about you

9.2 Correction and Deletion

• Right to correct inaccurate or incomplete information
• Right to request deletion of your personal information
• Right to request restriction of processing in certain circumstances

9.3 Consent and Objection

• Right to withdraw consent where processing is based on consent
• Right to object to processing based on legitimate interests
• Right to opt-out of marketing communications
• Right to object to automated decision-making

9.4 How to Exercise Your Rights

To exercise any of these rights, contact us at bolutions.agency@gmail.com. We will respond to your request within 30 days.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience:

• Essential Cookies: Necessary for website functionality and security
• Analytics Cookies: Help us understand website usage and improve our services
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for targeted advertising (with your consent)

You can control cookies through your browser settings, but some features may not work properly if cookies are disabled.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including:

• United Kingdom (our primary operations)
• European Union (data processing facilities)
• United States (AI service providers, cloud infrastructure)

We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses and adequacy decisions.

12. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

13. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising privacy rights

14. Third-Party Services and Links

Our services may integrate with or contain links to third-party services:

• AI Services: OpenAI, other AI providers with their own privacy policies
• Communication Platforms: WhatsApp, Telegram, other messaging services
• Website Platforms: WordPress, Shopify, Wix, and custom platforms
• Analytics Services: Google Analytics, other analytics providers

We are not responsible for the privacy practices of third-party services. Please review their privacy policies.

15. Business Changes

In the event of a merger, acquisition, or sale of all or part of our business, your personal information may be transferred to the acquiring entity. We will notify you of any such change in ownership or control of your personal information.

16. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by:

• Posting the updated policy on our website with a new effective date
• Sending email notifications for significant changes
• Providing in-app notifications where applicable

Your continued use of our services after the effective date constitutes acceptance of the updated policy.

17. Supervisory Authority

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection supervisory authority. In the UK, this is the Information Commissioner's Office (ICO).